CVE-2024-35909: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Split 64bit accesses to fix alignment issues Some of the registers are aligned on a 32bit boundary, causing alignment faults on 64bit platforms. Unable to handle kernel paging request at virtual address ffffffc084a1d004 Mem abort info: ESR = 0x0000000096000061 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x21: alignment fault Data abort info: ISV = 0, ISS = 0x00000061, ISS2 = 0x00000000 CM = 0, WnR = 1, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000046ad6000 [ffffffc084a1d004] pgd=100000013ffff003, p4d=100000013ffff003, pud=100000013ffff003, pmd=0068000020a00711 Internal error: Oops: 0000000096000061 [#1] SMP Modules linked in: mtk_t7xx(+) qcserial pppoe ppp_async option nft_fib_inet nf_flow_table_inet mt7921u(O) mt7921s(O) mt7921e(O) mt7921_common(O) iwlmvm(O) iwldvm(O) usb_wwan rndis_host qmi_wwan pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mt7996e(O) mt792x_usb(O) mt792x_lib(O) mt7915e(O) mt76_usb(O) mt76_sdio(O) mt76_connac_lib(O) mt76(O) mac80211(O) iwlwifi(O) huawei_cdc_ncm cfg80211(O) cdc_ncm cdc_ether wwan usbserial usbnet slhc sfp rtc_pcf8563 nfnetlink nf_reject_ipv6 nf_reject_ipv4 nf_log_syslog nf_defrag_ipv6 nf_defrag_ipv4 mt6577_auxadc mdio_i2c libcrc32c compat(O) cdc_wdm cdc_acm at24 crypto_safexcel pwm_fan i2c_gpio i2c_smbus industrialio i2c_algo_bit i2c_mux_reg i2c_mux_pca954x i2c_mux_pca9541 i2c_mux_gpio i2c_mux dummy oid_registry tun sha512_arm64 sha1_ce sha1_generic seqiv md5 geniv des_generic libdes cbc authencesn authenc leds_gpio xhci_plat_hcd xhci_pci xhci_mtk_hcd xhci_hcd nvme nvme_core gpio_button_hotplug(O) dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax usbcore usb_common ptp aquantia pps_core mii tpm encrypted_keys trusted CPU: 3 PID: 5266 Comm: kworker/u9:1 Tainted: G O 6.6.22 #0 Hardware name: Bananapi BPI-R4 (DT) Workqueue: md_hk_wq t7xx_fsm_uninit [mtk_t7xx] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx] lr : t7xx_cldma_start+0xac/0x13c [mtk_t7xx] sp : ffffffc085d63d30 x29: ffffffc085d63d30 x28: 0000000000000000 x27: 0000000000000000 x26: 0000000000000000 x25: ffffff80c804f2c0 x24: ffffff80ca196c05 x23: 0000000000000000 x22: ffffff80c814b9b8 x21: ffffff80c814b128 x20: 0000000000000001 x19: ffffff80c814b080 x18: 0000000000000014 x17: 0000000055c9806b x16: 000000007c5296d0 x15: 000000000f6bca68 x14: 00000000dbdbdce4 x13: 000000001aeaf72a x12: 0000000000000001 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : ffffff80ca1ef6b4 x7 : ffffff80c814b818 x6 : 0000000000000018 x5 : 0000000000000870 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 000000010a947000 x1 : ffffffc084a1d004 x0 : ffffffc084a1d004 Call trace: t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx] t7xx_fsm_uninit+0x578/0x5ec [mtk_t7xx] process_one_work+0x154/0x2a0 worker_thread+0x2ac/0x488 kthread+0xe0/0xec ret_from_fork+0x10/0x20 Code: f9400800 91001000 8b214001 d50332bf (f9000022) ---[ end trace 0000000000000000 ]--- The inclusion of io-64-nonatomic-lo-hi.h indicates that all 64bit accesses can be replaced by pairs of nonatomic 32bit access. Fix alignment by forcing all accesses to be 32bit on 64bit platforms.
AI Analysis
Technical Summary
CVE-2024-35909 is a vulnerability identified in the Linux kernel, specifically affecting the 'wwan' driver for MediaTek T7xx series modems (mtk_t7xx). The root cause is improper handling of 64-bit memory accesses on 64-bit platforms due to alignment faults. Some hardware registers are aligned on 32-bit boundaries, but the driver attempts 64-bit accesses, causing kernel alignment faults and resulting in kernel panics or crashes. The error manifests as a kernel paging request failure with detailed abort information indicating an alignment fault (Data Abort with FSC=0x21). The vulnerability arises because the driver does not split 64-bit accesses into two 32-bit nonatomic accesses, which is necessary for proper alignment on 64-bit architectures. The fix involves including the header io-64-nonatomic-lo-hi.h and forcing all 64-bit accesses to be replaced by pairs of 32-bit nonatomic accesses, ensuring correct alignment and preventing faults. The vulnerability was observed on hardware such as the Bananapi BPI-R4 board running Linux kernel 6.6.22 with the mtk_t7xx module loaded. The issue can cause kernel crashes (Oops) and instability, impacting systems using affected MediaTek WWAN modems. No known exploits are reported in the wild as of publication. The vulnerability affects specific Linux kernel versions identified by commit hashes, and the problem is rooted in low-level hardware access code within the kernel's network WWAN driver stack.
Potential Impact
For European organizations, the impact of CVE-2024-35909 depends on the deployment of Linux systems utilizing MediaTek T7xx WWAN modems, commonly found in embedded devices, IoT gateways, industrial routers, and some edge computing hardware. A successful exploitation leads to kernel crashes and denial of service, which can disrupt network connectivity and device availability. This is particularly critical for organizations relying on cellular connectivity for remote sites, industrial control systems, or critical infrastructure monitoring. While the vulnerability does not directly enable code execution or privilege escalation, the resulting instability can cause operational outages and potentially trigger cascading failures in network-dependent services. Given the increasing adoption of Linux-based embedded devices in sectors like manufacturing, energy, and telecommunications across Europe, the vulnerability poses a risk to service continuity and operational reliability. However, since exploitation requires triggering the faulty driver code, the attack surface is limited to devices with the affected WWAN hardware and driver loaded. The lack of known exploits reduces immediate risk but patching is essential to prevent future attacks or accidental crashes.
Mitigation Recommendations
European organizations should take the following specific mitigation steps: 1) Identify all Linux systems using MediaTek T7xx WWAN modems or the mtk_t7xx kernel module, including embedded devices, industrial routers, and IoT gateways. 2) Apply the Linux kernel patch that splits 64-bit accesses into 32-bit nonatomic accesses as per the fix included in kernel version 6.6.22 or later, or backport the patch to supported kernel versions in use. 3) Where patching is not immediately feasible, consider disabling the mtk_t7xx driver or WWAN functionality temporarily to prevent kernel crashes. 4) Monitor kernel logs for alignment fault errors or Oops messages related to mtk_t7xx to detect potential exploitation or instability. 5) Coordinate with device vendors to obtain updated firmware or kernel versions incorporating the fix. 6) For critical infrastructure, implement redundancy and failover mechanisms to mitigate potential downtime caused by this vulnerability. 7) Maintain an inventory of affected hardware and track Linux kernel updates to ensure timely patch deployment. These targeted actions go beyond generic advice by focusing on the specific driver and hardware involved, ensuring operational continuity while addressing the root cause.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Finland, Belgium
CVE-2024-35909: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Split 64bit accesses to fix alignment issues Some of the registers are aligned on a 32bit boundary, causing alignment faults on 64bit platforms. Unable to handle kernel paging request at virtual address ffffffc084a1d004 Mem abort info: ESR = 0x0000000096000061 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x21: alignment fault Data abort info: ISV = 0, ISS = 0x00000061, ISS2 = 0x00000000 CM = 0, WnR = 1, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000046ad6000 [ffffffc084a1d004] pgd=100000013ffff003, p4d=100000013ffff003, pud=100000013ffff003, pmd=0068000020a00711 Internal error: Oops: 0000000096000061 [#1] SMP Modules linked in: mtk_t7xx(+) qcserial pppoe ppp_async option nft_fib_inet nf_flow_table_inet mt7921u(O) mt7921s(O) mt7921e(O) mt7921_common(O) iwlmvm(O) iwldvm(O) usb_wwan rndis_host qmi_wwan pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mt7996e(O) mt792x_usb(O) mt792x_lib(O) mt7915e(O) mt76_usb(O) mt76_sdio(O) mt76_connac_lib(O) mt76(O) mac80211(O) iwlwifi(O) huawei_cdc_ncm cfg80211(O) cdc_ncm cdc_ether wwan usbserial usbnet slhc sfp rtc_pcf8563 nfnetlink nf_reject_ipv6 nf_reject_ipv4 nf_log_syslog nf_defrag_ipv6 nf_defrag_ipv4 mt6577_auxadc mdio_i2c libcrc32c compat(O) cdc_wdm cdc_acm at24 crypto_safexcel pwm_fan i2c_gpio i2c_smbus industrialio i2c_algo_bit i2c_mux_reg i2c_mux_pca954x i2c_mux_pca9541 i2c_mux_gpio i2c_mux dummy oid_registry tun sha512_arm64 sha1_ce sha1_generic seqiv md5 geniv des_generic libdes cbc authencesn authenc leds_gpio xhci_plat_hcd xhci_pci xhci_mtk_hcd xhci_hcd nvme nvme_core gpio_button_hotplug(O) dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax usbcore usb_common ptp aquantia pps_core mii tpm encrypted_keys trusted CPU: 3 PID: 5266 Comm: kworker/u9:1 Tainted: G O 6.6.22 #0 Hardware name: Bananapi BPI-R4 (DT) Workqueue: md_hk_wq t7xx_fsm_uninit [mtk_t7xx] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx] lr : t7xx_cldma_start+0xac/0x13c [mtk_t7xx] sp : ffffffc085d63d30 x29: ffffffc085d63d30 x28: 0000000000000000 x27: 0000000000000000 x26: 0000000000000000 x25: ffffff80c804f2c0 x24: ffffff80ca196c05 x23: 0000000000000000 x22: ffffff80c814b9b8 x21: ffffff80c814b128 x20: 0000000000000001 x19: ffffff80c814b080 x18: 0000000000000014 x17: 0000000055c9806b x16: 000000007c5296d0 x15: 000000000f6bca68 x14: 00000000dbdbdce4 x13: 000000001aeaf72a x12: 0000000000000001 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : ffffff80ca1ef6b4 x7 : ffffff80c814b818 x6 : 0000000000000018 x5 : 0000000000000870 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 000000010a947000 x1 : ffffffc084a1d004 x0 : ffffffc084a1d004 Call trace: t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx] t7xx_fsm_uninit+0x578/0x5ec [mtk_t7xx] process_one_work+0x154/0x2a0 worker_thread+0x2ac/0x488 kthread+0xe0/0xec ret_from_fork+0x10/0x20 Code: f9400800 91001000 8b214001 d50332bf (f9000022) ---[ end trace 0000000000000000 ]--- The inclusion of io-64-nonatomic-lo-hi.h indicates that all 64bit accesses can be replaced by pairs of nonatomic 32bit access. Fix alignment by forcing all accesses to be 32bit on 64bit platforms.
AI-Powered Analysis
Technical Analysis
CVE-2024-35909 is a vulnerability identified in the Linux kernel, specifically affecting the 'wwan' driver for MediaTek T7xx series modems (mtk_t7xx). The root cause is improper handling of 64-bit memory accesses on 64-bit platforms due to alignment faults. Some hardware registers are aligned on 32-bit boundaries, but the driver attempts 64-bit accesses, causing kernel alignment faults and resulting in kernel panics or crashes. The error manifests as a kernel paging request failure with detailed abort information indicating an alignment fault (Data Abort with FSC=0x21). The vulnerability arises because the driver does not split 64-bit accesses into two 32-bit nonatomic accesses, which is necessary for proper alignment on 64-bit architectures. The fix involves including the header io-64-nonatomic-lo-hi.h and forcing all 64-bit accesses to be replaced by pairs of 32-bit nonatomic accesses, ensuring correct alignment and preventing faults. The vulnerability was observed on hardware such as the Bananapi BPI-R4 board running Linux kernel 6.6.22 with the mtk_t7xx module loaded. The issue can cause kernel crashes (Oops) and instability, impacting systems using affected MediaTek WWAN modems. No known exploits are reported in the wild as of publication. The vulnerability affects specific Linux kernel versions identified by commit hashes, and the problem is rooted in low-level hardware access code within the kernel's network WWAN driver stack.
Potential Impact
For European organizations, the impact of CVE-2024-35909 depends on the deployment of Linux systems utilizing MediaTek T7xx WWAN modems, commonly found in embedded devices, IoT gateways, industrial routers, and some edge computing hardware. A successful exploitation leads to kernel crashes and denial of service, which can disrupt network connectivity and device availability. This is particularly critical for organizations relying on cellular connectivity for remote sites, industrial control systems, or critical infrastructure monitoring. While the vulnerability does not directly enable code execution or privilege escalation, the resulting instability can cause operational outages and potentially trigger cascading failures in network-dependent services. Given the increasing adoption of Linux-based embedded devices in sectors like manufacturing, energy, and telecommunications across Europe, the vulnerability poses a risk to service continuity and operational reliability. However, since exploitation requires triggering the faulty driver code, the attack surface is limited to devices with the affected WWAN hardware and driver loaded. The lack of known exploits reduces immediate risk but patching is essential to prevent future attacks or accidental crashes.
Mitigation Recommendations
European organizations should take the following specific mitigation steps: 1) Identify all Linux systems using MediaTek T7xx WWAN modems or the mtk_t7xx kernel module, including embedded devices, industrial routers, and IoT gateways. 2) Apply the Linux kernel patch that splits 64-bit accesses into 32-bit nonatomic accesses as per the fix included in kernel version 6.6.22 or later, or backport the patch to supported kernel versions in use. 3) Where patching is not immediately feasible, consider disabling the mtk_t7xx driver or WWAN functionality temporarily to prevent kernel crashes. 4) Monitor kernel logs for alignment fault errors or Oops messages related to mtk_t7xx to detect potential exploitation or instability. 5) Coordinate with device vendors to obtain updated firmware or kernel versions incorporating the fix. 6) For critical infrastructure, implement redundancy and failover mechanisms to mitigate potential downtime caused by this vulnerability. 7) Maintain an inventory of affected hardware and track Linux kernel updates to ensure timely patch deployment. These targeted actions go beyond generic advice by focusing on the specific driver and hardware involved, ensuring operational continuity while addressing the root cause.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-05-17T13:50:33.121Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9828c4522896dcbe2153
Added to database: 5/21/2025, 9:08:56 AM
Last enriched: 6/29/2025, 8:09:40 AM
Last updated: 7/30/2025, 6:50:28 PM
Views: 13
Related Threats
CVE-2025-8878: CWE-94 Improper Control of Generation of Code ('Code Injection') in properfraction Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
MediumCVE-2025-8143: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pencidesign Soledad
MediumCVE-2025-8142: CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in pencidesign Soledad
HighCVE-2025-8105: CWE-94 Improper Control of Generation of Code ('Code Injection') in pencidesign Soledad
HighCVE-2025-8719: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in reubenthiessen Translate This gTranslate Shortcode
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.